On 20 December 2017 at 11:43, Sunny <
indias...@gmail.com> wrote:
> Hi,
>
> I'm afraid dep can't do that right now because dep can consider
> packages in GOPATH only when initialized with certain flag, and you
> would lose your existing lock file if you do that. But I think that
> should be fine because you want what's in your GOPATH. So, deleting
> your manifest (Gopkg.toml) and lock (Gopkg.lock), and running `dep
> init -gopath` would work for you.
Hi,
Thanks for your response.
Deleting Gopkg.toml doesn't sound like a great idea, as that's got
human stuff that we want to keep.
Or are you suggesting something like this?
rm Gopkg.toml Gopkg.lock
dep init -gopath
git checkout Gopkg.toml
> It will still download the packages
> to dep's cache and that might take time, depending on your Internet
> speed.
I thought the point about the -gopath flag was that it didn't
go to the network. Is that wrong?
In general, I'm finding it a bit frustrating that most dep operations
go to the network for the latest version of all repositories, as repositories
change rarely, I usually don't mind about having the absolute latest version,
and fetching all that data takes ages (on the order of minutes) and isn't
even possible when I'm not connected to the internet.
I would much prefer it if all dep operations worked disconnected by default,
only going to the network if explicitly directed or when absolutely necessary
(e.g. no version of the dependency can be found in $GOPATH).
cheers,
rog.
> The resulting manifest and lock would have projects with the
> same version as in your GOPATH. Since dep performs static analysis and
> ensures that all the dependencies are met, you would be good.
>
> Hope this helps.
>
>
> On Wednesday, December 20, 2017 at 3:58:49 PM UTC+5:30, roger peppe wrote:
>>
>> Hi all,
>>
>> Is there way to update the lock file (only) from the versions of the
>> currently checked out dependencies in $GOPATH?
>>
>> I tried "dep ensure -no-vendor" but that spends ages (minutes)
>> going to fetch latest versions of all dependencies, and may
>> end up with something different, when I actually
>> just want to lock to what's already there.
>>
>> I'd expect it to check that the currently checked out dependencies
>> are compatible with Gopkg.toml, but otherwise just update
>> Gopkg.lock.
>>
>> Can some combination of "dep ensure" flags do this?
>>
>> cheers,
>> rog.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Go Package Management" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
go-package-manag...@googlegroups.com.
> To post to this group, send email to
go-package...@googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.